03.100.70 - Management systems

This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization. The intended audience for this document is: — governing body and top management; — those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on ISO/IEC 27001; — those responsible for in...view more

This document gives general guidelines for organizations seeking to systematically manage environmental aspects or respond to the effects of changing environmental conditions within one or more environmental topic areas, based on ISO 14001.
This document also constitutes a framework for common elements of subsequent parts of the ISO 14002 series.

This document provides guidance on the implementation of the ISO 19443 requirements, with examples of possible steps an organization can take to meet the requirements. It does not add to, subtract from, or in any way modify those requirements. This document does not prescribe mandatory approaches to implementation, or provide any preferred method of interpretation.

The scope of this Recommendation | International Standard is to define guidelines supporting the implementation of
information security controls in telecommunications organizations.
The adoption of this Recommendation | International Standard will allow telecommunications organizations to meet
baseline information security management requirements of confidentiality, integrity, availability and any other relevant
security property.

1.1   Application:
This document defines the common nonconformity data definition and documentation that shall be exchanged between an internal/external supplier or sub-tier supplier, and the customer when informing about a nonconformity requiring formal decision. The requirements are applicable, partly or totally, when reporting a product nonconformity to the owner or operator, as user of the end item (e.g. engine, aircraft, spacecraft, helicopter), if specified by contract.
Reporting of noncon...view more

This document specifies high-level requirements for management systems for sustainable cocoa bean production, including post-harvest processes, if applicable, and traceability of the sustainably produced cocoa beans within the organization producing the cocoa beans.
NOTE 1 Post-harvest processes include pod-breaking, fermentation, drying, sorting, packing, transport and storage of cocoa beans.
Only organizations that fulfil both the cocoa sustainability management system requirements of either...view more

IEC 63152:2020 establishes concepts and gives guidelines to help sustain a variety of city services on the occasion of a disaster from the perspective of providing electricity. It outlines the basic concepts on how multiple city services can cooperate and continue by electricity continuity plan(s) and electricity continuity system(s). It also specifies methods and means to establish these.
The users of this document are assumed to be city developers, city operators, equipment manufacturers, ess...view more

This document gives practical guidelines and examples for establishing, implementing, maintaining and improving an energy management system (EnMS) in accordance with the systematic approach of ISO 50001:2018. The guidance in this document is applicable to any organization. This document does not provide guidance on how to develop an integrated management system. While the guidance in this document is consistent with the requirements of ISO 50001:2018, it does not provide interpretations of those...view more

This document defines quality management system requirements for product and service supply
organizations to the petroleum, petrochemical and natural gas industries.
This document is written as a supplement to ISO 9001:2015. The supplementary requirements and
guidance to ISO 9001:2015 have been developed to manage supply chain risks and opportunities
associated with the petroleum, petrochemical and natural gas industries and to provide a framework
for aligning requirements with complementar...view more

This document defines quality management system requirements for product and service supply organizations to the petroleum, petrochemical and natural gas industries. This document is written as a supplement to ISO 9001:2015. The supplementary requirements and guidance to ISO 9001:2015 have been developed to manage supply chain risks and opportunities associated with the petroleum, petrochemical and natural gas industries and to provide a framework for aligning requirements with complementary sta...view more

This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market). This document explains how to: — include requirements in addition to those in ISO/IEC 27001, — refine or interpret any of the ISO/IEC 27001 requirements, — include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002, — modify any of the controls of ISO/IEC 2700...view more

This International Standard specifies the requirements for establishing, implementing, maintaining
and continually improving an information security management system within the context of the
organization. This International Standard also includes requirements for the assessment and treatment
of information security risks tailored to the needs of the organization. The requirements set out in this
International Standard are generic and are intended to be applicable to all organizations, rega...view more

EN-ISO/IEC 27019 provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes. This includes in particular the following: - central and distributed process control, monitoring and automation technology as well as information systems used for their ope...view more

EN-ISO 14006 gives guidelines for assisting organizations in establishing, documenting, implementing, maintaining and continually improving their management of ecodesign as part of an environmental management system (EMS).This document is intended to be used by organizations that have implemented an EMS in accordance with ISO 14001, but it can also help in integrating ecodesign using other management systems. The guidelines are applicable to any organization regardless of its type, size or produ...view more

ISO 22313 gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.This document is applicable to organizations that:a) implement, maintain and improve a BCMS;b) seek to ensure conformity with stated business continuity policy;c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruptio...view more

EN-ISO/IEC 27019 provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes. This includes in particular the following: - central and distributed process control, monitoring and automation technology as well as information systems used for their ope...view more

EN ISO/IEC 27000 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards.

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice.
This document is applicable to organizations that:
a) implement, maintain and improve a BCMS;
b) seek to ensure conformity with stated business continuity policy;
c) need to be able to continue to deliver products and services at an acceptable predefined capacity during...view more

This document gives guidance and recommendations for applying the requirements of the business continuity management system (BCMS) given in ISO 22301. The guidance and recommendations are based on good international practice. This document is applicable to organizations that: a) implement, maintain and improve a BCMS; b) seek to ensure conformity with stated business continuity policy; c) need to be able to continue to deliver products and services at an acceptable predefined capacity during a d...view more